Efficient Triage and Response Using Intelligence-Driven Orchestration

Finding ways to increase speed, accuracy, and efficiency when responding to threats should be the goal of any security team. Baking threat intelligence into the day-to-day efforts of detecting and responding to threats is a great way to see some of these benefits. Going further and leveraging the power of a playbook-driven orchestration platform can dramatically improve efficiency and consistency.

In this webinar, these concepts will be explored with practical guidance on how to use threat intelligence to feed orchestration which in-turn can drive automated triage or defensive actions. The result is a well-oiled machine where analysts can be situationally aware and quickly drive appropriate response to threats.

Available:

On Demand

Duration:

1h 00min

When you attend this webinar, you will:

Understand how intelligence can be used to reduce false positives, add context to detections, and provide direction on the most critical events to respond to

Know how intelligence should feed into and be fed by incident response activities

Recognize areas where orchestration can help automate repetitive analyst tasks

Get the basics of how to build an efficient response system that is tuned to your environment

Featured Speakers

Travis Farral

Director of Security Strategy

Anomali

Travis Farral is the Director of Security Strategy for Anomali. With over 20 years of security industry experience, he has developed a strong background in threat intelligence, incident response, and Industrial Control Systems security. Previously Travis ran the Cybersecurity Intelligence & Strategic Services team at ExxonMobil and spent several years at companies such as Nokia and XTO Energy.

Paul Davis

VP of Delivery

Phantom

Paul is a seasoned IT Security Executive with a global reputation for building organizations and delivering services. He has more than 20 years of experience working with security operations teams and solving security challenges at top companies including EDS, General Motors, GE, Cisco, Dow Chemical, The Washington Post, The United Nations, MCI, Prudential, and Mitsui. Prior to joining Phantom, Paul held a number of senior leadership roles including EDS’ Chief Information Security Officer at General Motors, Chief Security Officer at Dow Chemical, and Director of Security Operations for a major financial exchange. Paul earned a CISSP certification, and is a member of ISSA, IACs, and the MIT Enterprise Forum of Cambridge.